Friday Five — February 19, 2016

Red Hat Summit is the premier open source event to learn about the latest and greatest in cloud computing, platform, virtualization, middleware, storage, and management technologies. Attendees have access to industry experts and a broad base of knowledge, including: Customer, partner, and technology expert sessions across business & technical topics; visionary keynotes from industry leaders; and networking opportunities for direct collaboration with Red Hat engineers & the broader community. Come see what Red Hat Summit can offer you in San Francisco, June 27-30.

Microsoft Azure has become a Red Hat Certified Cloud and Service Provider and customers can now run Red Hat solutions natively on Azure. Those customers who are Red Hat Cloud Access subscribers can bring their own virtual machine images to run on Microsoft Azure. Azure customers will get access to Red Hat's application platform including: Red Hat JBoss Enterprise Application Platform, Red Hat JBoss Web Server, Red Hat Gluster Storage and OpenShift, Red Hat's platform-as-a-service offering... "[B]oth Microsoft and Red Hat have been working to operationalize Red Hat Enterprise Linux on Azure, and to provide a smooth user experience for customers using the world's leading enterprise Linux platform on Azure... In addition, the two teams have worked to ensure that Red Hat Enterprise Linux is fully certified by Red Hat, so that customers can be assured that they are receiving the exact same product as if they were getting it from Red Hat."

For an increasing number of agencies, the question of public vs. private clouds is evolving into a discussion of how to implement a hybrid cloud model characterized by fully automated self-service provisioning of virtualized workloads. Those on the path to the hybrid cloud must tread carefully, however, because it's not as simple as just tacking a cloud infrastructure onto an existing environment. That's especially true in the federal government, where "existing environment" often means using a mixture of legacy as well as next-generation hardware and software. Keeping that in mind, there are three distinct processes that agency IT professionals should follow to create a foundation for a more automated, agile and collaborative agency... [I]t's important to remember to create the hybrid cloud in a way that's open and easily adaptable.

Red Hat Developers opened its doors at DevNation last June to take in developers' input into what they'd like to see in Red Hat's new developer program. This past week, Red Hat Developers launched the full program incorporating that feedback. Developers.redhat.com provides access to many of Red Hat's product downloads, new content and blogs weekly, technically driven content and Red Hat's Content Contributors program. Signing up is easy and free. Explore Red Hat Developers and share.

Linux users today are scrambling to patch a critical flaw in the core glibc open-source library that could be exposing systems to a remote code execution risk. The glibc vulnerability is identified as CVE-2015-7547 and is titled, "getaddrinfo stack-based buffer overflow." ... Google engineers came across the CVE-2015-7547 issue when they were attempting to connect into a certain host system and a segmentation fault (segfault) occurred, causing the connection to crash... Linux vendor Red Hat also independently was looking at the bug in glibc and on Jan. 6, 2016, Google and Red Hat developers confirmed that they had been independently working on the same vulnerability as part of the initial private discussion with upstream glibc maintainers. "Once it was confirmed that both teams were working on the same vulnerability, we collaborated on potential fixes, mitigations and regression testing," Florian Weimer, principal software engineer for product security at Red Hat, told eWEEK. "We also worked together to make the test coverage as wide as possible to catch any related problems in the code to help prevent future issues."